lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20140512113228.GA11121@openwall.com>
Date: Mon, 12 May 2014 15:32:28 +0400
From: Solar Designer <solar@...nwall.com>
To: Savio Bot <54v330@...il.com>
Cc: fulldisclosure@...lists.org, oss-security@...ts.openwall.com
Subject: Re: [FD] [oss-security] CVE-2014-0196: Linux kernel pty layer race
	condition memory corruption

On Mon, May 12, 2014 at 04:03:10PM +0530, Savio Bot wrote:
> So is this bug also present in 2.6?

Yes, 2.6.31-rc3 and newer:

http://www.openwall.com/lists/oss-security/2014/05/05/6

Luckily, apparently the bug was not backported to RHEL5:

https://access.redhat.com/security/cve/CVE-2014-0196

"This issue does not affect the versions of the kernel package as
shipped with Red Hat Enterprise Linux 5.

Future kernel updates for Red Hat Enterprise Linux 6 and Red Hat
Enterprise MRG 2 may address this issue."

Alexander

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ